Info

Disclosure

Jul 24, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 20, 2007

Description

A buffer overflow exists in InterBase. ibserver.exe fails to validate 'create' requests received on TCP port 3050 resulting in a stack overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

Upgrade to Service Pack 2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Borland

Interbase

2007

References

Security Tracker: 1018451
CVE ID: 2007-3566 (see also: NVD)
Bugtraq ID: 25048
Secunia Advisory ID: 26189
ISS X-Force ID: 35574
Metasploit ID: 38602
VUPEN Advisory: ADV-2007-2642
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-07/0281.html
Other Advisory URL: http://dvlabs.tippingpoint.com/advisory/TPTI-07-13
http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered
http://securityreason.com/securityalert/2929
http://www.codegear.com/downloads/regusers/interbase
Generic Exploit URL: http://immunitysec.com
http://www.saintcorporation.com/cgi-bin/exploit_info/interbase_create
Keyword: TCP port 3050

Credit

Cody Pierce - TippingPoint

Direct URL: http://osvdb.org/38602